firehol-iptables - include custom iptables commands

FireHOL Team. FireHOL Reference Built 13 Apr 2025 firehol-iptables(5)

The iptables and ip6tables helper commands pass all of their arguments to the real iptables(8) or ip6tables(8) at the appropriate point during run-time. Note When used in an interface or router, the result will not have a direct relationship to the enclosing definition as the parameters passed are only those you supply. You should not use /sbin/iptables or /sbin/ip6tables directly in a FireHOL configuration as they will run before FireHOL activates its firewall. This means that the commands are applied to the previously running firewall, not the new firewall, and will be lost when the new firewall is activated. The iptables and ip6tables helpers are provided to allow you to hook in commands safely. When using the -t option to specify a table, ensure this is the first option to iptables, otherwise “fast activation” will fail with an error message such as: iptables-restore: The -t option cannot be used in iptables-restore

Fix LXC DHCP on same host: iptables -t mangle -A POSTROUTING -p udp --dport 68 -j CHECKSUM --checksum-fill

firehol-iptables - include custom iptables commands

• firehol(1) - FireHOL program • firehol.conf(5) - FireHOL configuration • iptables(8) - administration tool for IPv4 firewalls • ip6tables(8) - administration tool for IPv6 firewalls • FireHOL Website • FireHOL Online PDF Manual • FireHOL Online Documentation

iptables argument... ip6tables argument...